Jump to content

Masque Attack iOS

CaliJL
By CaliJL
in Tech News
 Share
Posted

"Masque Attack works by luring users to install an app outside of the iOS App Store, by clicking a phishing link in a text message or email. For example, in a demo video, an SMS message with a link attached was sent with the following text "Hey, check this out, the New Flappy Bird."

Once clicked, the link directs to a website, which prompts the user to install an app. The app in the video isn't Flappy Bird, but a malicious version of Gmail that installs directly over the legitimate version of Gmail downloaded from the App Store, making it virtually undetectable."

 

 

http://forums.macrumors.com/showthread.php?t=1817070

 

"Quote:

Masque Attacks can pose much bigger threats than WireLurker. Masque Attacks can replace authentic apps,such as banking and email apps, using attacker's malware through the Internet. That means the attacker can steal user's banking credentials by replacing an authentic banking app with an malware that has identical UI. Surprisingly, the malware can even access the original app's local data, which wasn't removed when the original app was replaced. These data may contain cached emails, or even login-tokens which the malware can use to log into the user's account directly."

 

Just like the Wirelurker malware, we should be seeing a response from Apple in no time.

Link to comment
https://linustechtips.com/topic/248229-masque-attack-ios/
Share on other sites
Link to post
Share on other sites
Posted
Masque Attack can be used to install fake versions of apps over legitimate App Store versions using iOS enterprise provision profiles, which are used for beta testing or by companies to distribute apps to employees without the need for the official App Store.

 

 

 

this isnt the first time ive seen this method abused before

If your grave doesn't say "rest in peace" on it You are automatically drafted into the skeleton war.

Link to comment
https://linustechtips.com/topic/248229-masque-attack-ios/#findComment-3404730
Share on other sites
Link to post
Share on other sites
Posted

This is not good.

Rig CPU Intel i5 3570K at 4.2 GHz - MB MSI Z77A-GD55 - RAM Kingston 8GB 1600 mhz - GPU XFX 7870 Double D - Keyboard Logitech G710+

Case Corsair 600T - Storage Intel 330 120GB, WD Blue 1TB - CPU Cooler Noctua NH-D14 - Displays Dell U2312HM, Asus VS228, Acer AL1715

 

Link to comment
https://linustechtips.com/topic/248229-masque-attack-ios/#findComment-3404735
Share on other sites
Link to post
Share on other sites
Posted

I didn't know there was a way to install apps on iOS outside of App Store without jailbreaking.

The stone cannot know why the chisel cleaves it; the iron cannot know why the fire scorches it. When thy life is cleft and scorched, when death and despair leap at thee, beat not thy breast and curse thy evil fate, but thank the Builder for the trials that shape thee.
Link to comment
https://linustechtips.com/topic/248229-masque-attack-ios/#findComment-3405537
Share on other sites
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Tech News

×